Preventing users from using previously used passwords is an important industry requirement. In this blog, we look at how you can implement password history with Azure AD B2C.
Continue ReadingMatt Takemoto, our newest software engineer at WhoIAM describes how he revisited a Spotify account breach he experienced in the past after he started working at an identity/security company.
Continue ReadingMigrating from an older identity and access management solution often requires some careful thought on how to port over hashed and salted passwords into your new IAM system. In this post, we will discuss how to deal with migrating hashed passwords from your current identity provider into Azure AD B2C
Continue ReadingAs a company implementing an IAM solution, it is essential to have a plan for mitigating hard-to-discover attacks like credential stuffing. Keep in mind that while you must enforce security measures, there’s careful consideration that needs to go into providing a highly secure authentication mechanism, while ensuring that the friction of logging into your app does not result in customers just dropping off and not completing a registration or sign-in.
Continue ReadingWe frequently get enterprise customers who are deploying Azure AD B2C for their consumer identity needs and have to carefully consider how their customer helpdesk needs to be prepared to deal with the transition to a new consumer identity platform.
Continue Reading